Free Tool • 100% Client-Side

Email Header Analyzer

Paste raw email headers below. We'll show you authentication results, routing hops, and delivery details.

Your headers never leave your browser — all analysis is done locally.

How to View Email Headers

Gmail

Open the email, click the three dots (⋮) in the top right, select Show original. Copy all the headers from the top of the page.

Outlook / Microsoft 365

Open the email, click the three dots (⋮), select View message source or go to Message Properties and copy the Internet Headers.

Apple Mail

Open the email, go to View → Message → All Headers, or use View → Message → Raw Source.

ProtonMail

Open the email, click the three dots (⋮), select View headers.

What Are Email Headers?

Email headers are metadata attached to every email. They contain the complete routing path from sender to recipient, plus authentication results (SPF, DKIM, DMARC, ARC), timestamps, and server information.

Headers are added by each mail server that handles the message. The most recent headers appear at the top, and the oldest at the bottom — so you read them bottom-to-top to trace the delivery path.

Analyzing headers helps you diagnose delivery problems, identify spoofing attempts, measure server delays, and verify that authentication is passing correctly.

Fix forwarding auth with ARC-Relay

Frequently Asked Questions

How do I find email headers in Gmail?
Open the email in Gmail, click the three-dot menu in the top right corner, and select 'Show original.' This opens a new tab with the full email headers and source. Copy everything above the first blank line (the headers section) and paste it into this analyzer.
What does 'Authentication-Results: spf=pass' mean?
The Authentication-Results header is added by the receiving mail server after checking SPF, DKIM, and DMARC. 'spf=pass' means the sending server's IP was authorized by the sender's SPF record. Other results include 'fail' (unauthorized), 'softfail' (suspicious), 'temperror' (temporary DNS error), and 'permerror' (permanent configuration error).
What is an ARC chain in email headers?
ARC (Authenticated Received Chain) is a set of three headers added by each intermediary server: ARC-Seal, ARC-Message-Signature, and ARC-Authentication-Results. Each set is numbered (i=1, i=2, etc.) and cryptographically signed. ARC preserves authentication results through forwarding so the final recipient can verify the email was legitimate at each hop.
Why do email headers show the route bottom-to-top?
Each server that handles an email adds a new Received header at the top. The first server to touch the email creates the bottom-most Received header, and the final delivery server creates the top-most one. Reading bottom-to-top traces the email's actual journey from sender to recipient.
Are my email headers private when I paste them here?
Yes. This analyzer runs 100% in your browser — no data is sent to any server. The JavaScript parses and displays the headers entirely on the client side. Your headers never leave your device.

More Free Tools

DMARC Record Checker
Analyze your DMARC policy and get recommendations
SPF Record Validator
Check your SPF record for errors and lookup limits
ARC Chain Validator
Validate ARC seal chains for forwarded emails
Email Health Score
Get a 0-100 grade for your domain's email authentication